<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <title>第三章 信息系统治理</title>
    <link rel="stylesheet" href="/static/styles.css">
    <script>
        function toggleVisibility(elementId) {
            const element = document.getElementById(elementId);
            if (element) {
                element.classList.toggle('hidden');
            }
        }

        function addClickEvent(element, elementId) {
            element.addEventListener('click', function() {
                toggleVisibility(elementId);
                this.classList.toggle('clicked');
            });
        }

        document.addEventListener('DOMContentLoaded', function() {
            const nodes = document.querySelectorAll('.node, .subnode, .subsubnode, .subsubsubnode');
            nodes.forEach(node => {
                const elementId = node.getAttribute('data-target');
                if (elementId) {
                    addClickEvent(node, elementId);
                }
            });
        });
    </script>
</head>
<body>
    <!-- 修正未闭合标签并添加容器 -->
    <div class="mindmap-container">
        <!-- 3.1 IT治理 -->
        <div class="mindmap" id="chapter3.1">
            <div class="node" data-target="section3_1">
                <div class="node-content">
                    <span>3.1 IT治理</span>
                    <span class="icon">▼</span>
                </div>
            </div>
            <div id="section3_1" class="hidden content-scrollable">
                <div class="subnode" data-target="subsection3_1_1">
                    <div class="subnode-content">
                        <span>定义</span>
                        <span class="icon">▼</span>
                    </div>
                </div>
                <div id="subsection3_1_1" class="hidden">
                    <div class="subsubnode">IT治理是描述组织采用有效的机制对信息技术和数据资源开发利用，平衡风险，确保实现组织的战略目标的过程</div>
                </div>
                <div class="subnode" data-target="subsection3_1_2">
                    <div class="subnode-content">
                        <span>1.1 IT治理基础</span>
                        <span class="icon">▼</span>
                    </div>
                </div>
                <div id="subsection3_1_2" class="hidden">
                    <div class="subsubnode" data-target="subsubsection3_1_2_1">
                        <div class="subsubnode-content">
                            <span>1. IT治理的驱动因素</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_1_2_1" class="hidden">
                        <div class="subsubsubnode">
                            <ul>
                                <li>战略对齐</li>
                                <li>资源优化</li>
                                <li>风险管理</li>
                                <li>价值创造</li>
                                <li>合规性</li>
                            </ul>
                        </div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_1_2_2">
                        <div class="subsubnode-content">
                            <span>2. IT治理主要目标</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_1_2_2" class="hidden">
                        <div class="subsubsubnode">
                            <ul>
                                <li>与业务目标一致</li>
                                <li>有效利用信息与数据资源</li>
                                <li>风险管理</li>
                            </ul>
                        </div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_1_2_3">
                        <div class="subsubnode-content">
                            <span>3. IT治理管理层次</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_1_2_3" class="hidden">
                        <div class="subsubsubnode">
                            <ul>
                                <li>最高管理层：证实IT战略与业务战略是否一致</li>
                                <li>执行管理层：制定IT目标</li>
                                <li>业务与服务执行层：服务的提供和支持</li>
                            </ul>
                        </div>
                    </div>
                </div>
                <div class="subnode" data-target="subsection3_1_3">
                    <div class="subnode-content">
                        <span>1.2 IT治理体系</span>
                        <span class="icon">▼</span>
                    </div>
                </div>
                <div id="subsection3_1_3" class="hidden">
                    <div class="subsubnode" data-target="subsubsection3_1_3_1">
                        <div class="subsubnode-content">
                            <span>定位</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_1_3_1" class="hidden">
                        <div class="subsubsubnode">业务目标与IT一致</div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_1_3_2">
                        <div class="subsubnode-content">
                            <span>架构</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_1_3_2" class="hidden">
                        <div class="subsubsubnode">治理委员会构成</div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_1_3_3">
                        <div class="subsubnode-content">
                            <span>内容</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_1_3_3" class="hidden">
                        <div class="subsubsubnode">
                            <ul>
                                <li>投资</li>
                                <li>风险</li>
                                <li>绩效</li>
                                <li>标准和规范</li>
                            </ul>
                        </div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_1_3_4">
                        <div class="subsubnode-content">
                            <span>流程</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_1_3_4" class="hidden">
                        <div class="subsubsubnode">
                            <ul>
                                <li>统筹</li>
                                <li>评估</li>
                                <li>指导</li>
                                <li>监督</li>
                            </ul>
                        </div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_1_3_5">
                        <div class="subsubnode-content">
                            <span>效果</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_1_3_5" class="hidden">
                        <div class="subsubsubnode">
                            <ul>
                                <li>内部评价</li>
                                <li>外部评价</li>
                            </ul>
                        </div>
                    </div>
                </div>
                <div class="subnode" data-target="subsection3_1_4">
                    <div class="subnode-content">
                        <span>1.3 IT治理任务</span>
                        <span class="icon">▼</span>
                    </div>
                </div>
                <div id="subsection3_1_4" class="hidden">
                    <div class="subsubnode">
                        <ul>
                            <li>全局统筹</li>
                            <li>价值导向</li>
                            <li>机制保障</li>
                            <li>创新发展</li>
                            <li>文化助推</li>
                        </ul>
                    </div>
                </div>
                <div class="subnode" data-target="subsection3_1_5">
                    <div class="subnode-content">
                        <span>1.4 IT治理方法与标准</span>
                        <span class="icon">▼</span>
                    </div>
                </div>
                <div id="subsection3_1_5" class="hidden">
                    <div class="subsubnode" data-target="subsubsection3_1_5_1">
                        <div class="subsubnode-content">
                            <span>ITSS中的IT服务治理</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_1_5_1" class="hidden">
                        <div class="subsubsubnode">
                            <p>IT治理通用要求 GB/T《信息技术服务治理第1部分：通用要求》</p>
                            <ul>
                                <li>规定了IT治理的模型和框架</li>
                                <li>实施IT治理的原则</li>
                                <li>开展IT顶层设计</li>
                                <li>管理体系和资源的治理要求</li>
                            </ul>
                            <p>该标准可用于：</p>
                            <ul>
                                <li>建立IT治理体系，实施自我评价</li>
                                <li>开展技术审计</li>
                                <li>解决方案</li>
                                <li>第三方评价</li>
                            </ul>
                        </div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_1_5_2">
                        <div class="subsubnode-content">
                            <span>IT治理模型</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_1_5_2" class="hidden">
                        <div class="subsubsubnode">
                            <ul>
                                <li>内外部要求</li>
                                <li>治理主体</li>
                                <li>治理方法</li>
                                <li>信息技术及其应用的管理体系</li>
                            </ul>
                        </div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_1_5_3">
                        <div class="subsubnode-content">
                            <span>IT治理框架</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_1_5_3" class="hidden">
                        <div class="subsubsubnode">
                            <ul>
                                <li>顶层设计</li>
                                <li>管理体系</li>
                                <li>资源</li>
                            </ul>
                        </div>
                    </div>
                </div>
            </div>
        </div> <!-- 修正闭合标签 -->
        
        <!-- 3.2 IT审计 -->
        <div class="mindmap" id="chapter3.2">
            <div class="node" data-target="section3_2">
                <div class="node-content">
                    <span>3.2 IT审计</span>
                    <span class="icon">▼</span>
                </div>
            </div>
            <div id="section3_2" class="hidden content-scrollable">
                <div class="subnode" data-target="subsection3_2_1">
                    <div class="subnode-content">
                        <span>2.1 IT审计基础</span>
                        <span class="icon">▼</span>
                    </div>
                </div>
                <div id="subsection3_2_1" class="hidden">
                    <div class="subsubnode" data-target="subsubsection3_2_1_1">
                        <div class="subsubnode-content">
                            <span>定义</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_2_1_1" class="hidden">
                        <div class="subsubsubnode">IT审计是对组织的IT系统、流程和控制的独立评估，以确保其符合组织目标和要求。</div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_2_1_2">
                        <div class="subsubnode-content">
                            <span>IT审计目的</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_2_1_2" class="hidden">
                        <div class="subsubsubnode">
                            <ul>
                                <li>了解总体状况</li>
                                <li>对IT目标进行审查和评价</li>
                                <li>识别与评估IT风险</li>
                                <li>提出改进建议</li>
                                <li>促进实现IT目标</li>
                            </ul>
                        </div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_2_1_3">
                        <div class="subsubnode-content">
                            <span>IT审计目标</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_2_1_3" class="hidden">
                        <div class="subsubsubnode">
                            <ul>
                                <li>IT战略与业务战略一致</li>
                                <li>保护信息资产与数据</li>
                                <li>提高系统安全性、可靠性、有效性</li>
                                <li>保证信息系统符合要求</li>
                            </ul>
                        </div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_2_1_4">
                        <div class="subsubnode-content">
                            <span>IT审计范围</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_2_1_4" class="hidden">
                        <div class="subsubsubnode">
                            <ul>
                                <li>总体范围：根据审计目的和投入审计成本确定</li>
                                <li>组织范围：组织机构、主要流程、活动及人员</li>
                                <li>物理范围：物理地点与边界</li>
                                <li>逻辑范围：涉及的信息系统和逻辑边界</li>
                            </ul>
                        </div>
                    </div>
                </div>
                <div class="subnode" data-target="subsection3_2_2">
                    <div class="subnode-content">
                        <span>2.2 审计方法与技术</span>
                        <span class="icon">▼</span>
                    </div>
                </div>
                <div id="subsection3_2_2" class="hidden">
                    <div class="subsubnode" data-target="subsubsection3_2_2_1">
                        <div class="subsubnode-content">
                            <span>审计依据与准则</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_2_2_1" class="hidden">
                        <div class="subsubsubnode">涉及IT审计的标准、法规和最佳实践。</div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_2_2_2">
                        <div class="subsubnode-content">
                            <span>审计常用方法</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_2_2_2" class="hidden">
                        <div class="subsubsubnode">
                            <ul>
                                <li>访谈法</li>
                                <li>检查法</li>
                                <li>调查法</li>
                                <li>观察法</li>
                                <li>测试法</li>
                                <li>程序代码检查法</li>
                            </ul>
                        </div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_2_2_3">
                        <div class="subsubnode-content">
                            <span>审计技术</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_2_2_3" class="hidden">
                        <div class="subsubsubnode">
                            <ul>
                                <li>风险评估</li>
                                <li>审计抽样</li>
                                <li>计算机辅助技术</li>
                                <li>大数据审计技术</li>
                            </ul>
                        </div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_2_2_4">
                        <div class="subsubnode-content">
                            <span>审计证据</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_2_2_4" class="hidden">
                        <div class="subsubsubnode">审计过程中收集的证明材料，用于支持审计结论和建议。</div>
                    </div>
                </div>
                <div class="subnode" data-target="subsection3_2_3">
                    <div class="subnode-content">
                        <span>2.3 审计流程</span>
                        <span class="icon">▼</span>
                    </div>
                </div>
                <div id="subsection3_2_3" class="hidden">
                    <div class="subsubnode" data-target="subsubsection3_2_3_1">
                        <div class="subsubnode-content">
                            <span>审计准备</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_2_3_1" class="hidden">
                        <div class="subsubsubnode">包括确定审计目标、范围、资源和时间表。</div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_2_3_2">
                        <div class="subsubnode-content">
                            <span>审计实施</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_2_3_2" class="hidden">
                        <div class="subsubsubnode">执行审计计划，收集和分析审计证据。</div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_2_3_3">
                        <div class="subsubnode-content">
                            <span>审计终结</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_2_3_3" class="hidden">
                        <div class="subsubsubnode">编制审计报告，提出改进建议。</div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_2_3_4">
                        <div class="subsubnode-content">
                            <span>后续审计</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_2_3_4" class="hidden">
                        <div class="subsubsubnode">跟踪审计建议的实施情况，确保改进措施有效。</div>
                    </div>
                </div>
                <div class="subnode" data-target="subsection3_2_4">
                    <div class="subnode-content">
                        <span>2.4 审计内容</span>
                        <span class="icon">▼</span>
                    </div>
                </div>
                <div id="subsection3_2_4" class="hidden">
                    <div class="subsubnode" data-target="subsubsection3_2_4_1">
                        <div class="subsubnode-content">
                            <span>IT内部控制审计</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_2_4_1" class="hidden">
                        <div class="subsubsubnode">评估组织的IT内部控制措施的有效性。</div>
                    </div>
                    <div class="subsubnode" data-target="subsubsection3_2_4_2">
                        <div class="subsubnode-content">
                            <span>IT专项服务审计</span>
                            <span class="icon">▼</span>
                        </div>
                    </div>
                    <div id="subsubsection3_2_4_2" class="hidden">
                        <div class="subsubsubnode">对特定IT服务或项目的审计，如数据中心审计、网络安全审计等。</div>
                    </div>
                </div>
            </div>
        </div>
    </div>
</body>
</html>